Nikos Mavrogiannopoulos nmav at gnutls.org
Thu Jun 9 03:09:01 PDT 2011

On Thu, Jun 9, 2011 at 10:33 AM, Stef Walter <stefw at collabora.co.uk> wrote:

>> Anyway but the serious thing is that p11-kit uses the fprintf(stderr,)
>> to report warnings and errors. In a library this is not always optimal
>> because noone might see those errors. In mod_gnutls for example
>> noone will see those errors (and in other servers the msg might even
>> end-up in the socket since many of the just close stderr and it is
>> re-used for connections).
> True. I want to make it possible to see errors and warnings easily. But
> you're right, that when used in a daemon this is problematic. I've added two
> new functions which help with this:
> p11_kit_be_quiet()
> p11_kit_message()
> Docs: http://p11-glue.freedesktop.org/doc/p11-kit/p11-kit-Future.html
> What do you think?

I'd suggest having a function that increases (and enables)
verbosity instead. I'll explain myself on why.

If p11-kit is used by libgnutls and librandom, both
used by an application random2, then if I call
p11_kit_be_quiet(), I'll disable verbosity even if
librandom specifically wanted that.

Moreover p11_kit_message() suggests it cannot be
thread-safe. So if two parallel runs of a p11_kit functions
are execute (maybe for a different module), what error
would sbd get?

I don't know what would have be the optimal solution,
that's why I'd suggest for a library to be silent unless
told to.

In gnutls we solved that with callbacks because at that
time I thought that the messages by gnutls are only useful
to the end-application using them (e.g. for auditing). This
would assume that the end-application would know about
gnutls being used. This is not always the case, and that's
why I don't suggest it as a solution.


More information about the p11-glue mailing list